My P2 400 running linux smokes any of the CISCO gear I have used. Cheap CISCO usually means old, which is usually bested by commodity hardware. I am also not sold on the security of IOS. I trust linux and BSD far more (especially now with SELinux etc).
Its a shame I wasn't involved with CLUG a year ago, I gave a bunch of old CISCO
routers and switches away. --No trees were harmed in the transmission of this message, however a large number
of electrons were seriously inconvenienced. Quoting Shawn <[EMAIL PROTECTED]>:
These types of firewalls are good for home use. But the moment you start hosting servers, and/or adding in content filtering, they begin to become unsuitable. Sure you can do some port forwarding, but what if you only want to forward port 22, for 3 specific IPs, and block everyone else? The smaller boxes usually aren't set up to handle this. They also do not do content based filtering of any sort. So, they do have their uses, but are not sufficient for what the original poster was after (content based filtering). :) My IPCop box cost me $0.00. I'm using an old P166 that was given to me, and the software was free.. <grins>. That said, I would love to come across one of the higher end Cisco IOS routers (hardware router) for dirt cheap - hardware routing is SO sweet... But IPCop does everything I need for now, and then some... My thoughts... Shawn On Friday 09 September 2005 11:39, Greg King wrote:There is no question that a software based firewall like IP Cop is powerful, but it will never be as cheap as a firewall appliance if you shop around. For example, my son just bought an SMC firewall / router at futureshop for $4.99 after rebates. The GST on the purchase price put it in around $8.50 total cost. The box is the size of a small paperback novel, and is a 4 port 10/100 switch as well. It has a stateful firewall with some port and url filtering. He bought it solely to take to X-box gaming parties but I tried it out as a dhcp server, firewall, and router, and it wasn't bad at all. It operated in almost complete stealth mode according to "Shields up" (one identity port open). The power bill alone for a PC based firewall left running 24x7 for a reasonable amount of time is probably greater than the purchase price of this device, which operates with very low power requirements. It's not as interesting to setup/ tweak, but it is very cheap to own and operate. Regards, Greg_______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
--------------------------------------------------- This message was sent using Echostar Secure Webmail
pgpjj4UQzcIvd.pgp
Description: PGP Digital Signature
_______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
